Oracle Weblogic Server (MOSC)

MOSC Banner

log4j in .patch_storage

Hi Community,

Our Nessus Scans are finding vulnerable log4j-1.2.17.jar files on our Oracle WebLogic Server 12.2.1.3. They are found in the %Oracle_Home%.patch-storage directory. Understanding that these files are used for roll back.

Questions:

1) Are this files really vulnerablities as they are not active in an application?

2) If yes, should I just delete/move them? 

thanks

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center